Add a new core_native_arch method for meterpreter

zeroSteiner · zeroSteiner · commit 3b2e5e078577 · 2017-02-26T14:22:24.000-05:00
diff --git a/lib/msf/base/sessions/meterpreter.rb b/lib/msf/base/sessions/meterpreter.rb
@@ -536,6 +536,15 @@ def arch
     end
   end
 
+  #
+  # Get a string representation of the architecture of the process in which the
+  # current session is running. This defaults to the same value of arch but can
+  # be overridden by specific meterpreter implementations to add support.
+  #
+  def native_arch
+    arch
+  end
+
   #
   # Generate a binary suffix based on arch
   #
diff --git a/lib/msf/base/sessions/meterpreter_python.rb b/lib/msf/base/sessions/meterpreter_python.rb
@@ -108,6 +108,10 @@ def lookup_error(error_code)
     unknown_error
   end
 
+  def native_arch
+    @native_arch ||= self.core.native_arch
+  end
+
   def supports_ssl?
     false
   end
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
@@ -325,6 +325,18 @@ def machine_id(timeout=nil)
     Rex::Text.md5(mid.to_s.downcase.strip)
   end
 
+  def native_arch(timeout=nil)
+    # Not all meterpreter implementations support this
+    request = Packet.create_request('core_native_arch')
+
+    args = [ request ]
+    args << timeout if timeout
+
+    response = client.send_request(*args)
+
+    response.get_tlv_value(TLV_TYPE_STRING)
+  end
+
   def transport_remove(opts={})
     request = transport_prepare_request('core_transport_remove', opts)
 
